This Week in AML

Spear-Phishing Advisory, Pig Butchering, and Much More

This week, an advisory on spear-phishing was issued, the US Department of Justice brought indictments for an $80 million pig butchering scheme, and several other interesting things surfaced. John and Elliot discuss these and their meaning for the financial crime compliance community.


Spear-Phishing Advisory, Pig Butchering, and Much More - TRANSCRIPT

Elliot Berman: Hi, John. How are you today?

John Byrne: Good, Elliot. Hope you and your family are going to be able to relax at least for the next couple weeks as we wind down 2023.

Elliot Berman: That is the plan. And are you gonna have the family together for Christmas?

John Byrne: Yes. We're looking forward to that. Everybody will be here. Those of us who have that, pleasant opportunity, it's great. Those of you that can just connect with friends and relatives. I know it's both a challenging and a great time of year, we were thinking of everybody here. A couple of things I wanted to mention and obviously hear from you as well.

As we end this congressional session, which was in the US fairly dramatic for a number of reasons, which we won't go into. They just past the Senate and the House, the National Defense Authorization Act, which a couple years ago when they did this, included a number of anti money laundering provisions. But this time, those were not included, so I thought we should at least reference that the Defense Department and those things related to that have been authorized so the military spending will get signed by the president.

But a couple of things that we thought could potentially have been part of that did not make it. Particularly proposals that would regulate virtual assets and virtual asset providers, deal with how to prevent them from utilizing illicit funds, there was also a couple of those proposals that had passed, the House didn't make it. On the Senate side, there was provisions that would have made the foreign banks that handle the proceeds of fentanyl would be, quote, a primary money laundering concern, unquote, and block their accounts.

Those things can actually happen without legislation, by the way, so some of that could. But I think it'll be interesting to see in the early parts of 2024 whether these issues come up for reconsideration. But again, there was a number of things that we looked at and we thought could happen. But at the last minute, did not.

Elliot Berman: Yes. There was some debate about whether the NDAA would actually get passed before they went out of session. It did include, if I remember correctly, the reauthorization of the FISA courts.

John Byrne: That's true, yeah. That, that did happen. That was something that was supported by the FBI and others in law enforcement. Couple of things that relate to cyber issues obviously a big concern of our of our community. One was an announcement made late last week that a Russian group called Star Blizzard, it also went by Callisto Group, that they continue spearfishing campaigns. And so they were targeting organizations and individuals, particularly in the United Kingdom, but in other geographic areas.

And so the UK National Cybersecurity Center and the US Cybersecurity Infrastructure, CISA and FBI, and NSA. Australia and Canada, New Zealand, all worked together and they've assessed that this Russian Federal Security Service Center is continuing to target and how they are targeting it.

So one of the things they say in the report, it's what's typical of these spearphishing campaigns. It's when an actor targets a specific individual or group using information to be of interest to the targets and then the other actor perceives their target to have direct access to information of interest and be what they call an access vector to another target or both.

And this has been going on since 2019. And the targeting has included academia, the defense industry, NGOs, think tanks, and also elected officials. That report is available. It's by the FBI, NSA, and all the other agencies, including those international organizations. And it's an advisory titled Russian FSB Cyberactor Star Blizzard Continues Worldwide Spear Phishing Campaign.

So that was one thing. Another thing related to cyber security but more about social media. A report just dropped today as we're recording from ProPublica and the title is How Verified Accounts on X Thrive While Spreading Misinformation About the Israel Hamas Conflict.

Now, we know that since Twitter has become X my view, a lot of people that have been, organizations also that have been banned from Twitter are now back on, so there's no guardrails for some of the things that many of us are concerned about. But this particular report was also done with Columbia University, and they talk about things on this platform that are not depicting real events, or events from, nine, ten years ago these sort of things that confuse people that are looking at X for any sort of legitimate information.

So it's ProPublica and Columbia University's Tow Center for Digital Journalism, and they show how false claims based on what they call out of context, outdated, or manipulated media have proliferated during the first month since the conflict. And they've looked over 200 distinct claims and identified at least 2,000 postings that they've determined to be misleading.

And somebody that I've interviewed for our podcasts previously, Michael Zimmer, who's the director of the Center for Data Ethics and Society at Marquette University, he's quoted in the piece and was involved in the research, as he said that the Israel Hamas war is a classic case of information crisis on X, in terms of the speed and volume of the misinformation and the harmful consequences of that rhetoric.

And I urge folks to take a look at this article. This report, when they get a chance it's been posted on LinkedIn and other platforms as well. And as we sadly go to the holidays The FBI and Homeland Security of the United States have warned about increased violent threats on Americans particularly Jewish Americans, and Muslim Americans, so really for anybody and they warn that the violence potential has increased, sadly. So that's something, if you're going to large events, there'll obviously be massive police presence, whether it's in, New York, West Coast, or what have you. So stay vigilant, and obviously we're hoping everybody stays safe throughout the holidays, but wanted to mention those couple of things.

Elliot Berman: Yes, the spearfishing advisory also is worth taking a look at because it does have some recommended actions that people can use to mitigate their risks. None of them are being real surprising, but it has a lot to do with good personal online security hygiene, if you will. So that's a good list that people may want to use to the extent that their marketing departments are asking them for suggestions to help their customers avoid these kinds of risks.

A couple other things that I saw, one is we've talked about pig butchering and the US Attorney's Office in the Central District of California indicted four individuals related to a $80 plus million pig butchering scheme involving folks who as these schemes often have turned over value in the form of virtual assets.

Two of the folks are in California and have been arrested and actually made their first appearances, there are two people from Northern Illinois who remain at large as of the time that this was announced a few days ago. Again, we've written about it, you and I have talked about it, and these are real scams, and there are real crimes being committed, and the government is doing their best to track it down.

The other thing that I saw was a joint statement between the US and India. Undersecretary of the Treasury Brian Nelson, who we've spoken about in the past, and the Revenue Secretary for the Indian Ministry of Finance, held a dialogue on anti money laundering and countering the financing of terrorism. And a lot of discussion there about the pressing need to accelerate global implementation of AML CFT standards for virtual assets in line with FATF's recommendations in this area. Also, information sharing and things like that. The reason I thought this was interesting is it's an indication of the continuing effort by the US and others, too, to have both multilateral and bilateral conversations leading to more effective efforts on a global basis, because as we all know these crimes know no borders, and you can't just stop when you get to the edge and say they went over there I can't chase them. So we have to figure out how to do that cooperatively.

John Byrne: Hey, Elliot, real quick, and I, we didn't talk about this before we started to record, but because this is the last new conversation for 2023, I also want to mention something that I just became aware of that Transparency International, that's a group that we've interviewed before, particularly Gary Kalman from TI, they released a report late last week on corruption in the US because of the real estate market.

So the actual title of the report is A Welcome Mat for Corruption. In a 21 comparison, US falls short in protecting its real estate market. We know there's going to be a NPRM on real estate in 2024 I thought it was important just to reference that TI is going to try to hold the US and FinCEN's feet to the fire in terms of putting out that proposal and moving on that.

Elliot Berman: And Reuters reported today that they expect that regulation will require real estate professionals to provide beneficial ownership information about individuals and companies who make real estate purchases in cash. Whether the the Transparency International report causes the proposal to be broader, or is part of what causes it to be broader, or we only get that. You and I will follow and we'll share with our listeners I'm sure in multiple podcasts as time unfolds.

John Byrne: That's correct. As we push off to the end of the year we have a lot planned for 2024. First thing in terms of webinars, on the 25th of January, we will in recognition of Human Trafficking Awareness Month, doing a program that will dig into the issues related to how the financial sector can continue to work to deter, detect, and prevent human trafficking.

Elliot Berman: Yes, and I want to put in the first of what will be a number of plugs for a 2024 event that you and I are involved in helping plan, although it's a organization, the AML Partnership Forum, they're having their 2024 meeting in Washington, D. C. at the Mayflower Hotel on March 18, 19, and 20. And registration is open. So for people who would like to come to a great program focused on public private partnership and touching on many of the most important issues in financial crime prevention as it stands today we urge you to sign up and come and be part of the dialogue.

John Byrne: Yes the mission's all about partnering between the public and private sector, and so anytime there's an event that does that, we all benefit.

Elliot Berman: Correct. John, you have wonderful holidays with the family. And you and I will be back together the first week of January, and we'll post a new edition on the 5th. There will be an archive edition posted on the 29th, which we think is, worthwhile for you to take a listen to. Wouldn't want you to go a week without some John and Elliot.

John Byrne: Take care. Happy holidays, happy new year. And we'll talk soon. Take care, everybody. Be safe.

Elliot Berman: You too, John. Bye bye.​